Marco Ivaldi
@raptor.infosec.exchange.ap.brid.gy
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

[bridged from https://infosec.exchange/@raptor on the fediverse by https://fed.brid.gy/ ]
Reposted by Marco Ivaldi
[meta]

When I watch sector-specific experts tell me their sector is special. <snark />. They're more like other sectors than they necessarily think.
November 16, 2025 at 1:56 AM
Reposted by Marco Ivaldi
While cleaning a storage room, our staff found this tape containing #unix v4 from Bell Labs, circa 1973

Apparently no other complete copies are known to exist: https://gunkies.org/wiki/UNIX_Fourth_Edition

We have arranged to deliver it to the Computer History Museum

#retrocomputing
November 6, 2025 at 8:50 PM
Reposted by Marco Ivaldi
Our senior security analyst @0x_nope@twitter.com has published a follow-up to his popular #groovy Template Engine #exploitation writeup:

https://hnsecurity.it/blog/groovy-template-engine-exploitation-part-2/

Check out some new practical exploitation tricks that he figured out while working on […]
Original post on infosec.exchange
November 11, 2025 at 8:41 AM
Reposted by Marco Ivaldi
The release candidate of the OWASP Top 10 2025 has been released

owasp.org/Top10/2025/0...

The definitive release should be out on November 20th
Introduction - OWASP Top 10:2025 RC1
OWASP Top 10:2025 RC1
owasp.org
November 7, 2025 at 12:19 PM
Reposted by Marco Ivaldi
It's amazing how many pen testers don't want to do the hard yards and do proper offensive analysis of configs or reverse engineer the services and protocols that are running. Firing up nmap and Nessus is all well and good but it's *not* an effective analysis of the attack surfaces. Looking at a […]
Original post on infosec.exchange
November 6, 2025 at 10:55 PM
Reposted by Marco Ivaldi
I wrote up some notes on two new papers on prompt injection: Agents Rule of Two (from Meta AI) and The Attacker Moves Second (from Anthropic + OpenAI = DeepMind + others) https://simonwillison.net/2025/Nov/2/new-prompt-injection-papers/
New prompt injection papers: Agents Rule of Two and The Attacker Moves Second
Two interesting new papers regarding LLM security and prompt injection came to my attention this weekend. Agents Rule of Two: A Practical Approach to AI Agent Security The first is …
simonwillison.net
November 2, 2025 at 11:11 PM
Reposted by Marco Ivaldi
infosec has a lot to learn about understanding failure conditions and accurate, understandable error messages from roadies
November 2, 2025 at 7:09 PM
Reposted by Marco Ivaldi
The other day we had our first ever chained AI tool success on the #curl factory floor:

- tool A found a possible flaw in code and reported it.

- using the plain English description from tool A, tool B could create a reproducible by itself that verified the finding

The sense of magic is […]
Original post on mastodon.social
October 29, 2025 at 7:52 AM
Reposted by Marco Ivaldi
#brida 0.6 is here! The bridge between #burpsuite and #frida is now fully compatible with Frida 17+.

As of this release, Brida 0.6 supports only Frida 17 and later. For users who still rely on older Frida versions, Brida 0.6pre remains available on GitHub.

Get the latest release here […]
Original post on infosec.exchange
October 28, 2025 at 10:32 AM
Reposted by Marco Ivaldi
New, long, oral history of Ken Thompson, my and everyone's hero.

From the Computer History Museum: https://computerhistory.org/blog/a-computing-legend-speaks/

Click thru a while to get a text transcript.
A Computing Legend Speaks
Ken Thompson, one of the foremost programmers and computer scientists of the last 50 years, shares stories about his life and career in a newly released oral history.
computerhistory.org
October 27, 2025 at 12:36 AM
Mem3nt0 mori – The #hacking Team is back!

“In March 2025, #kaspersky detected a wave of infections that occurred when users clicked on personalized #phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google […]
Original post on infosec.exchange
October 27, 2025 at 9:41 AM
Reposted by Marco Ivaldi
please enjoy: my Wasm-hosted, Wasm-targeting build of Clang/Clang++/LLD: a self-contained, 25 MiB (gzipped) pure function
https://www.npmjs.com/package/@yowasp/clang
October 26, 2025 at 9:48 AM
Reposted by Marco Ivaldi
you know you're about to watch paint dry for a _long_ time when just the checkout step in a github actions workflow takes 3+ minutes
October 25, 2025 at 7:07 PM
Reposted by Marco Ivaldi
SpecterOps released "DumpGuard" along with a detailed article on how they were able to bypass Windows Credential Guard in both privileged and unprivileged contexts. I learned a ton about Isolated LSA and friends. It's funny to see that DES-cracking of NTLMv1 […]

[Original post on infosec.exchange]
October 23, 2025 at 7:20 PM
Reposted by Marco Ivaldi
The vuln is so old it is not even easy to find the reference!
OpenBSD fixed it by adopting a non-predictable PRNG, BIND dev refused to use the same approach cuz "DNSSEC fixes this"
10 years later Dan Kaminsky rediscovered it with a better way to exploit the weakness. Vendors adopted OpenBSD's […]
Original post on mastodon.social
October 23, 2025 at 11:45 AM
Reposted by Marco Ivaldi
What year is this?!
I think I am taking crazy pills!
FWIW: The first ever vulnerability I reported to a vendor was a DNS cache poisoning attack against BIND due to its use of predictable query IDs.
I reported it.... in 1996! […]
Original post on mastodon.social
October 23, 2025 at 11:42 AM
Reposted by Marco Ivaldi
If you know who did this, or if you know how to set it back, the hotel kindly asks you to do so, respecting the fun achievement unlocked :)
https://infosec.exchange/@xme/115422139879568495
Xavier Mertens 🇧🇪 (@xme@infosec.exchange)
Attached: 1 image When you leave a coffee machine unprotected at a hacker conference… #hacklu2025
infosec.exchange
October 23, 2025 at 7:27 AM
Reposted by Marco Ivaldi
10 Mediatek 0day dropped.

Mediatek PSIRT assigned CVE IDs only to 3 of them cuz the others were considered "low severity".

This is The Way

https://labs.taszk.io/articles/post/eastern_promises/
Eastern Promises: Mobile VRP Lessons for Bug Hunters
Mobile VRP Lessons for Bug Hunters
labs.taszk.io
October 22, 2025 at 2:06 PM
Reposted by Marco Ivaldi
Just received an email from YouTube that they'll soon enable autodubbing on the OctoPrint channel for new and soon also old videos. Hell no, every time I run into this AI shit when watching YouTube I just want to scream, it's THAT bad.

Thankfully, there's a way […]

[Original post on chaos.social]
October 21, 2025 at 7:36 AM
Reposted by Marco Ivaldi
On this day seventeen years ago I learned something about locales and Turkish that has scarred me for life: I is not always uppercase i!

https://daniel.haxx.se/blog/2008/10/15/strcasecmp-in-turkish/
strcasecmp in Turkish
A friendly user submitted the (lib)curl bug report #2154627 which identified a problem with our URL parser. It doesn’t treat “`file://`” as a known protocol if the locale in use is Turkish. This was the beginning of a minor world-moving revelation for me. Of course this is already known to mankind and I’m just behind, but really: lots of my fellow hacker friends had no idea either. So “`file`” and “`FILE`” are not the same word case insensitively in Turkish because ‘i’ is not the lowercase version of ‘I’. Back to strcasecmp: POSIX pretty much makes the function useless by saying that “The results are unspecified in other locales [than POSIX]”. I’m a bit annoyed by this fact, as now I have to introduce my own function (which thus cannot use tolower() or toupper() since they also are affected by the locale) and use it, since the strings in our code are clearly used for “English” strings, so file and FILE truly are the same string when compared case insensitively…
daniel.haxx.se
October 15, 2025 at 7:29 AM
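The locale problem described in that post, as an added C example that is not code from the original post, from curl, or from this profile: a locale-independent ASCII case-insensitive comparison beside the locale-dependent strcasecmp(3), plus a hypothetical `is_known_scheme()` helper standing in for the kind of URL-scheme check that broke. It assumes the Turkish locale name `tr_TR.UTF-8` is installed; if it is not, the locale probe reports that instead of guessing.

```c
#include <ctype.h>
#include <locale.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Fold only the ASCII letters A-Z to a-z. Unlike tolower(3), this does not
 * consult the process locale, so it behaves the same everywhere. */
static int ascii_tolower(int c)
{
    if (c >= 'A' && c <= 'Z')
        return c - 'A' + 'a';
    return c;
}

/* Case-insensitive comparison using ASCII rules only.
 * Returns <0, 0 or >0 like strcmp(3), regardless of the current locale. */
int ascii_strcasecmp(const char *a, const char *b)
{
    const unsigned char *ua = (const unsigned char *)a;
    const unsigned char *ub = (const unsigned char *)b;
    for (;; ua++, ub++) {
        int ca = ascii_tolower(*ua);
        int cb = ascii_tolower(*ub);
        if (ca != cb || ca == '\0')
            return ca - cb;
    }
}

/* Hypothetical scheme check in the spirit of a URL parser: protocol names
 * are ASCII by definition, so the locale must not influence the match. */
int is_known_scheme(const char *scheme)
{
    static const char *const known[] = { "file", "http", "https", "ftp" };
    for (size_t i = 0; i < sizeof known / sizeof known[0]; i++)
        if (ascii_strcasecmp(scheme, known[i]) == 0)
            return 1;
    return 0;
}

/* Probe whether strcasecmp(3) still treats "file" and "FILE" as equal once
 * LC_CTYPE is switched to the named locale. Returns 1 if equal, 0 if the
 * locale breaks the comparison, -1 if the locale is not installed here.
 * The locale is restored to "C" before returning. */
int strcasecmp_folds_in_locale(const char *locale_name)
{
    if (setlocale(LC_CTYPE, locale_name) == NULL)
        return -1;
    int equal = (strcasecmp("file", "FILE") == 0);
    setlocale(LC_CTYPE, "C");
    return equal;
}

int main(void)
{
    /* Constructed sample inputs: the scheme as a parser might see it. */
    const char *samples[] = { "file", "FILE", "File", "gopher" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-6s known=%d\n", samples[i], is_known_scheme(samples[i]));

    /* tr_TR.UTF-8 is assumed to exist; -1 means it does not on this host. */
    int r = strcasecmp_folds_in_locale("tr_TR.UTF-8");
    if (r < 0)
        puts("tr_TR.UTF-8 not installed; cannot demonstrate the locale effect");
    else
        printf("strcasecmp(\"file\", \"FILE\") equal under tr_TR.UTF-8: %d\n", r);
    return 0;
}
```

The defensive point is the one the post makes: for protocol identifiers, header names and similar ASCII-only tokens, compare with a function that ignores the locale entirely, and reserve locale-aware folding for human-language text.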
Reposted by Marco Ivaldi
In the year of Our Lord Two Thousand and Twenty-Five, BIG-IP devices from F5 Inc. are vulnerable to TCP hijacking due to use of a bad TCP Initial Sequence Number generator.

https://my.f5.com/manage/s/article/K000151297
October 15, 2025 at 6:43 PM
Reposted by Marco Ivaldi
We've just published "Streamlining Vulnerability Research with the idalib Rust Bindings for IDA 9.2" by @raptor, now live on our freshly restyled blog:

https://hnsecurity.it/blog/streamlining-vulnerability-research-with-the-idalib-rust-bindings-for-ida-9-2/

Originally featured last week as a […]
Original post on infosec.exchange
October 14, 2025 at 8:03 AM
Reposted by Marco Ivaldi
"We are failing to see that configuration files are actually user interfaces, and that they should be treated as such."

https://ochagavia.nl/blog/configuration-files-are-user-interfaces/
Configuration files are user interfaces
ochagavia.nl
October 13, 2025 at 1:08 AM
One Battle After Another is one hell of a great movie 🍿
October 12, 2025 at 7:14 PM
Reposted by Marco Ivaldi
Episode 8 of Where Warlocks Stay Up late is out and so far I think it is the best one.
So many anecdotes and such a crisp description of that era..
I am a decade older than "MB" but I lived what he talks about and met all the actors.
Crazy times
https://www.youtube.com/watch?v=PN2RQ_O2Cq0
October 12, 2025 at 5:35 PM